﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.ComponentModel.DataAnnotations;
using System.Globalization;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

using Carmall.Web.Models;
using Carmall.Entity;
using Carmall.BLL;

namespace Carmall.Web.Filters
{
    public class UrlAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            //base.OnAuthorization(filterContext);
            if (filterContext.HttpContext.Session["UserID"] == null)
            {
                filterContext.HttpContext.Response.Write("无访问权限");
                filterContext.HttpContext.Response.End();
            }
            else
            {
                List<ModulesInfo> pItems = AccountHelper.GetModules();
                var item = pItems.FirstOrDefault(c => c.Route == filterContext.HttpContext.Request.Path);

                if (item != null)
                {
                    if (Array.IndexOf<Int32>(AccountHelper.GetUserPermission(int.Parse(filterContext.HttpContext.Session["UserID"].ToString())), item.ModuleID) == -1)
                    {
                        filterContext.HttpContext.Response.Write("无访问权限");
                        filterContext.HttpContext.Response.End();
                    }
                }
                else
                {
                    filterContext.HttpContext.Response.Write("无访问权限");
                    filterContext.HttpContext.Response.End();
                }
            }
        }
    }
}